About the Author
Security is a foremost concern in today’s technology landscape, and all organisations should be asking: is our data safe? Law is no exception. In fact, cybersecurity is especially relevant in the legal field due to the sensitive nature of client data, so law firms should do their homework when partnering with IT software suppliers.
But what are the right questions to ask? Here are essential topics on security you should cover with your legal software supplier.
1. What are the accreditations?
When choosing legal software suppliers, it’s crucial to ensure the company has the right accreditations. ISO 27001 is considered best practice in the field of information security management, and IT companies that are at the top of their game will be ISO 27001 certified.
Several IT companies will also hold Cyber Essentials and GDPR accreditations, as DPS Software does. GDPR stands for the General Data Protection Regulation, and any violation of this regulation can lead to penalisation by the Information Commissioner’s Office.
2. Do they have their own developers?
Several IT suppliers outsource work to other developers, who work closely with their company to provide you with the service you require. This means that a third party will have access to your data, which increases the threat of a leak or a security breach. It’s safer if the IT company works with their own developers and keeps information in-house.
3. Do they support two-step authentication?
Two-step authentication is when a user must go through two steps to log in and access the data. This provides an additional layer of security. In two-step authentication, users are expected to enter a password and provide a second piece of data – for example, a six-digit code sent to their mobile phones or a biometric factor. This ensures your data is safer than if only a password were required.
4. Do they offer data encryption via the cloud?
All good IT service providers should encrypt your data before it is transferred into storage on the cloud. This keeps your data safe, as only customers have encryption keys to decrypt the data.
Additional Questions: Knowing the company you're working with
The above questions are great examples of the essential topics you should cover when thinking about an IT service provider and the kind of security they offer. But there are also other factors that come into play when entrusting your company’s legal data to a software provider. For instance:
- How comfortable are you with the company? Do you feel secure with them?
- What kind of track record does the company have? Do their testimonials prove client satisfaction, and does the company have a long history of providing this service and providing it well?
- How is their customer support? Are their demos clear and informative? Do they have good aftercare and support systems in place?
- Will they be able to tackle a crisis should it arise?
These questions may not deal with the nitty-gritty of security technology, but they matter. Your relationship with your IT firm is as important as the service they provide. If you don’t feel like you can trust them, if you don’t feel supported, or if their track record gives you pause, then they may not be the right fit.
Cybercrime is not something that will go away, and it’s crucial to pick a company that you trust to tackle it. DPS takes that trust very seriously – get in touch with our friendly team today to find out how we can help you manage and secure your data.